Use des_key only for encryption purposes

[rcubetrac]

Reported by @alecpl on 23 May 2015 09:45 UTC as Trac ticket #1490404

The des_key should not be used for many purposes. Currently it's used to:

1. encrypt users IMAP passwords using 3DES algorithm,
2. generate session identifier using SHA-1 or MD5 algorithms,
3. generate anti-CSRF token using MD5 algorithms,
4. generate unique hash of user using MD5 algorithm.

Usage of the same cryptographic key for multiple purposes increases risk of disclosure and unauthorized usage. Additionally, partial usage of the key allows to perform brute-force guessing.

I think 2-4 could use the recently added rcube_utils::random_bytes() function which uses openssl_random_pseudo_bytes(). See 3994b3a

Migrated-From: http://trac.roundcube.net/ticket/1490404

[rcubetrac]

Comment by @alecpl on 23 May 2015 10:03 UTC

Note that [4] already does not use des_key since a74d023, but still it could use openssl function instead of mt_rand().

[rcubetrac]

Comment by @alecpl on 22 Jul 2015 14:01 UTC

Forget my note about random_bytes() it's unrelated. So, we have fixed 4. and we leave 1. as a valid/basic des_key use. This means we have two cases to fix:

1. session 'secret' setting in rcube::session_init().
2. anti-csrf token generation in rcube::get_request_token().

I don't think we can just get rid of it, we need another "constant" unique identifier. So, another config option?

[rcubetrac]

Milestone changed by @alecpl on 3 Sep 2015 10:06 UTC

1.1.3 => 1.2-beta

[rcubetrac]

Comment by @alecpl on 8 Sep 2015 07:39 UTC

Fixed in f75bc5c. We use random strings in these places.

[rcubetrac]

Status changed by @alecpl on 8 Sep 2015 07:39 UTC

new => closed